Changeset 17
- Timestamp:
- 2007-11-22 20:15:42 (5 years ago)
- Files:
-
- trunk/admin/classes/pages/Addcategory.php (modified) (1 diff)
- trunk/admin/classes/pages/Addforum.php (modified) (1 diff)
- trunk/admin/classes/pages/Editmember.php (modified) (6 diffs)
- trunk/admin/classes/pages/Moderators.php (modified) (2 diffs)
- trunk/admin/classes/pages/Modifycategory.php (modified) (1 diff)
- trunk/admin/classes/pages/Modifyforum.php (modified) (1 diff)
- trunk/admin/classes/pages/Permissions.php (modified) (7 diffs)
- trunk/classes/misc/Member.php (modified) (18 diffs)
- trunk/classes/misc/Post.php (modified) (13 diffs)
- trunk/classes/pages/Category.php (modified) (4 diffs)
- trunk/classes/pages/Delete.php (modified) (2 diffs)
- trunk/classes/pages/Edit.php (modified) (2 diffs)
- trunk/classes/pages/Forum.php (modified) (6 diffs)
- trunk/classes/pages/Lostpassword.php (modified) (2 diffs)
- trunk/classes/pages/Mail.php (modified) (2 diffs)
- trunk/classes/pages/Members.php (modified) (2 diffs)
- trunk/classes/pages/Messenger.php (modified) (16 diffs)
- trunk/classes/pages/Moderate.php (modified) (6 diffs)
- trunk/classes/pages/Newpoll.php (modified) (1 diff)
- trunk/classes/pages/Newtopic.php (modified) (1 diff)
- trunk/classes/pages/Page.php (modified) (9 diffs)
- trunk/classes/pages/Register.php (modified) (4 diffs)
- trunk/classes/pages/Reply.php (modified) (3 diffs)
- trunk/classes/pages/Search.php (modified) (3 diffs)
- trunk/classes/pages/Topic.php (modified) (6 diffs)
- trunk/classes/pages/Userpanel.php (modified) (12 diffs)
- trunk/includes/login.php (modified) (1 diff)
- trunk/includes/session.php (modified) (5 diffs)
- trunk/redirectors/pollvote.php (modified) (4 diffs)
- trunk/redirectors/preview.php (modified) (1 diff)
- trunk/redirectors/showip.php (modified) (1 diff)
trunk/admin/classes/pages/Addcategory.php
r1 r17 45 45 $q->execute(); 46 46 $neworder = $q->fetchColumn(); 47 $q->closeCursor(); 47 48 $neworder++; 48 49 // add category trunk/admin/classes/pages/Addforum.php
r13 r17 46 46 $q->execute(); 47 47 $neworder = $q->fetchColumn() + 1; 48 $q->closeCursor(); 48 49 // add forum 49 50 $q = $C->prepare('INSERT INTO ' . $SETTINGS['dbtableprefix'] . 'forums (forumtitle, forumdescription, forum_category, forum_order) VALUES (:title, :desc, :id, :order)'); trunk/admin/classes/pages/Editmember.php
r9 r17 51 51 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 52 52 if ($q->execute() && $q->fetchColumn() == 1) { 53 $q->closeCursor(); 53 54 if ($submit == $LANG['Submit']) { 54 55 // write new member profile into database … … 149 150 $q2->execute(); 150 151 $_groupid = $q2->fetchColumn(); 152 $q2->closeCursor(); 151 153 $q = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'groupmemberships WHERE member = :id AND usergroup = :group'); 152 154 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); … … 161 163 $q2->execute(); 162 164 $_groupid = $q2->fetchColumn(); 165 $q2->closeCursor(); 163 166 $q = $C->prepare('INSERT INTO ' . $SETTINGS['dbtableprefix'] . 'groupmemberships (member, usergroup) VALUES (:id, :group)'); 164 167 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); … … 213 216 } 214 217 } else { 218 $q->closeCursor(); 215 219 $div = $this->html->body->addChild('div', $LANG['error_id']); 216 220 $div->addAttribute('id', 'admin_main'); … … 409 413 $q->execute(); 410 414 $row = $q->fetchObject(); 415 $q->closeCursor(); 411 416 $this->html->body->addElement(new XMLElement('<div><b>' . $LANG['Member'] . ': ' . $row->membername . '</b></div>')); 412 417 $this->html->body->addChild('br'); … … 431 436 $_col2 .= ' checked="checked"'; 432 437 } 438 $q3->closeCursor(); 433 439 $_col2 .= ' value="1" /></td>'; 434 440 $form->addRawTableRow(Array($_col1, $_col2)); trunk/admin/classes/pages/Moderators.php
r1 r17 52 52 $q->bindParam(':name', trim($_mod), PDO::PARAM_STR); 53 53 if ($q->execute() && $row2 = $q->fetchObject()) { 54 $q->closeCursor(); 54 55 if ($row2->memberstatus == 'Moderator') { 55 56 // valid … … 61 62 } else { 62 63 // invalid 64 $q->closeCursor(); 63 65 $_invalid[] = $_mod; 64 66 } trunk/admin/classes/pages/Modifycategory.php
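Review bot: In trunk/admin/classes/pages/Moderators.php, line 52 passes `trim($_mod)` to `bindParam()`, which takes its value by reference, so PHP reports "Only variables should be passed by reference" for the function result. `$q->bindValue(':name', trim($_mod), PDO::PARAM_STR);` binds the trimmed value directly. Separately, the commit adds `closeCursor()` to both branches (new lines 54 and 64); closing once would keep the valid and invalid paths from drifting apart. The enclosing loop starts and ends outside the hunk.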
r1 r17 67 67 $q->execute(); 68 68 $_num = $q->fetchColumn(); 69 $q->closeCursor(); 69 70 // get category data 70 71 foreach ($C->query('SELECT * FROM ' . $SETTINGS['dbtableprefix'] . 'categories ORDER BY category_order ASC') as $row) { trunk/admin/classes/pages/Modifyforum.php
r1 r17 80 80 $q3->execute(); 81 81 $_num = $q3->fetchColumn(); 82 $q3->closeCursor(); 82 83 for ($i = 1; $i <= $_num; $i++) { 83 84 $_col4 .= '<option value="' . $i . '"'; trunk/admin/classes/pages/Permissions.php
r7 r17 56 56 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 57 57 if ($q->execute() && $row = $q->fetchObject()) { 58 $q->closeCursor(); 58 59 // delete previously set permissions of this group 59 60 $q2 = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'rights WHERE usergroup = :id'); … … 110 111 } else { 111 112 // invalid group 113 $q->closeCursor(); 112 114 $div = $this->html->body->addChild('div', $LANG['error_id']); 113 115 $div->addAttribute('id', 'admin_main'); … … 124 126 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 125 127 if ($q->execute() && $row = $q->fetchObject()) { 128 $q->closeCursor(); 126 129 $form = new Form($F->link('permissions')); 127 130 $form->addInput('hidden', 'id', $id); … … 153 156 $_row = $q2->fetchObject(); 154 157 } 158 $q2->closeCursor(); 155 159 if (!isset($_row->read)) { 156 160 // nothing set yet, so 'default deny' … … 184 188 $_row = $q2->fetchObject(); 185 189 } 190 $q2->closeCursor(); 186 191 if (!isset($_row->read)) { 187 192 // nothing set yet, so 'default deny' … … 212 217 $_row = $q2->fetchObject(); 213 218 } 219 $q2->closeCursor(); 214 220 if (!isset($_row->read)) { 215 221 // nothing set yet, so 'default deny' … … 236 242 } else { 237 243 // invalid group 244 $q->closeCursor(); 238 245 $div = $this->html->body->addChild('div', $LANG['error_id']); 239 246 $div->addAttribute('id', 'admin_main'); trunk/classes/misc/Member.php
r9 r17 80 80 } 81 81 if ($s && $row = $q->fetchObject()) { 82 $q->closeCursor(); 82 83 // member found - put information in object variables 83 84 $this->id = $row->memberid; … … 127 128 $row2->posts = 0; 128 129 } 130 $q2->closeCursor(); 129 131 $this->posts = $row2->posts; 130 132 // determine stage by number of posts … … 137 139 } 138 140 } else { 141 $q->closeCursor(); 139 142 // member hasn't been found - deleted member 140 143 $this->id = 0; … … 419 422 $password = '*'; 420 423 } 424 $q->closeCursor(); 421 425 // check if member's name exists 422 426 $q = $C->prepare('SELECT memberpassword FROM ' . $SETTINGS['dbtableprefix'] . 'members WHERE membername=:user'); … … 425 429 $_fail = 0; 426 430 if ($s && $row = $q->fetchObject()) { 431 $q->closeCursor(); 427 432 // check if password is correct 428 433 if ($row->memberpassword === $password) { … … 435 440 } else { 436 441 // username doesn't even exist 442 $q->closeCursor(); 437 443 $_fail = 1; 438 444 } … … 540 546 $_groups[] = $row->usergroup; 541 547 } 548 $q->closeCursor(); 542 549 // check for each of the user's groups 543 550 foreach ($_groups as $key=>$val) { … … 552 559 $_permit = TRUE; 553 560 } 561 $q->closeColumn(); 554 562 } 555 563 } … … 576 584 // result WILL exist, because if that group doesn't exist, the board isn't correctly set up anyway 577 585 $row = $q->fetchObject(); 586 $q->closeCursor(); 578 587 $_groups[0] = $row->id; 579 588 } … … 593 602 $_permit = TRUE; 594 603 } 604 $q->closeCursor(); 595 605 } 596 606 // done … … 603 613 $q2->execute(); 604 614 $row = $q2->fetchObject(); 615 $q2->closeCursor(); 605 616 $id = $row->forum; 606 617 } … … 618 629 $_permit = TRUE; 619 630 } 631 $q->closeCursor(); 620 632 } 621 633 // done … … 635 647 $_permit = TRUE; 636 648 } 649 $q->closeCursor(); 637 650 } 638 651 if ($_permit === FALSE) { … … 644 657 $q->execute(); 645 658 $row = $q->fetchObject(); 659 $q->closeCursor(); 646 660 if ($row->postedbymember == 1 && $row->poster == 
$_SESSION['membername']) { 647 661 // it IS the topic starter … … 655 669 $q->execute(); 656 670 $row = $q->fetchObject(); 671 $q->closeCursor(); 657 672 if ($row->postedbymember == 1 && $row->poster == $_SESSION['membername']) { 658 673 // it IS the poster … … 669 684 // overwrite $id for the following steps 670 685 $id = $q->fetchColumn(); 686 $q->closeCursor(); 671 687 } 672 688 // $id given as topic id, so get forum id first … … 675 691 $q->execute(); 676 692 $_forumid = $q->fetchColumn(); 693 $q->closeCursor(); 677 694 // check if this person IS a moderator of this particular forum 678 695 $q = $C->prepare('SELECT COUNT(*) FROM ' . $SETTINGS['dbtableprefix'] . 'moderators WHERE forum=:forum AND member=:member'); … … 684 701 $_permit = TRUE; 685 702 } 703 $q->closeCursor(); 686 704 } 687 705 } trunk/classes/misc/Post.php
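Review bot: In trunk/classes/misc/Member.php the statement added at new line 561 calls `$q->closeColumn();`, which is not a PDOStatement method, so the group-permission loop around it will stop with an undefined-method fatal error the first time that line is reached (assuming `$q` is a PDOStatement, as the `prepare()` calls elsewhere in the file suggest). Every other line added in this file uses `closeCursor()`, so this looks like a typo and should read `$q->closeCursor();`. Because the call sits inside the permission check, the failure presumably denies rather than grants access, but the branch deserves a test that actually executes it. The enclosing method starts and ends outside the visible hunks.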
r9 r17 44 44 $this->post = $q->fetchObject(); 45 45 } 46 $q->closeCursor(); 46 47 } 47 48 } /* constructor */ … … 139 140 if ($s) { 140 141 $row = $q->fetchObject(); 142 $q->closeCursor(); 141 143 if ($row->closed == '1') { 142 144 // topic closed - error … … 165 167 $_error = $LANG['error_id']; 166 168 } 169 $q->closeCursor(); 167 170 } 168 171 if ($show_orig === 'newpoll') { … … 186 189 if (($_SESSION['lastposttime'] + $SETTINGS['floodcontrol'] >= time()) && ($q->fetchColumn() + $SETTINGS['floodcontrol'] >= time())) { 187 190 // too little time between posts 191 $q->closeCursor(); 188 192 $_error = $LANG['error_floodcontrol']; 189 193 $ok = 0; 190 194 } else { 191 195 // sort out IP banning 196 $q->closeCursor(); 192 197 foreach ($bannedip as $_ip) { 193 198 if (strpos($_SERVER['REMOTE_ADDR'], $_ip) !== FALSE) { … … 206 211 if ($s && $q->fetchColumn() >= 1) { 207 212 // name taken 213 $q->closeCursor(); 208 214 $ok = 0; 209 215 $_error = $LANG['error_name_taken']; 210 216 } else { 211 217 // check if session password has been correctly entered 218 $q->closeCursor(); 212 219 if ($password !== $_SESSION['pw']) { 213 220 $ok = 0; … … 236 243 if ($s) { 237 244 $row = $q->fetchObject(); 245 $q->closeCursor(); 238 246 // check if he's banned 239 247 if ($row->memberstatus != 'Banned') { … … 328 336 $q->execute(); 329 337 $row = $q->fetchColumn(); 338 $q->closeCursor(); 330 339 $pollid = $row; 331 340 @$C->query('UNLOCK TABLE ' . $SETTINGS['dbtableprefix'] . 'polls'); … … 342 351 $q->execute(); 343 352 // get new topic id 344 $q = $C->query('SELECT MAX(topicid) FROM ' . $SETTINGS['dbtableprefix'] . 'topics'); 353 $q = $C->prepare('SELECT MAX(topicid) FROM ' . $SETTINGS['dbtableprefix'] . 'topics'); 354 $q->execute(); 345 355 $row = $q->fetchColumn(); 356 $q->closeCursor(); 346 357 // topicid is called 'reply' in following statements 347 358 $reply = $row; … … 386 397 } 387 398 } 388 /*389 $q = $C->prepare('SELECT member FROM ' . $SETTINGS['dbtableprefix'] . 
'subscriptions WHERE topic=:id');390 $q->bindParam(':id', $reply, PDO::PARAM_INT, 12);391 $q->execute();392 $subscribed = Array();393 while ($row = $q->fetchObject()) {394 $subscribed[] = $row->member;395 }396 // check if this user has already been subscribed397 $found = 0;398 foreach($subscribed as $subscriber) {399 if ($subscriber == $_SESSION['memberid']) {400 // previously subscribed401 $found = 1;402 }403 }404 if ($subscribe == '1' && $found === 0) {405 // new subscription406 $subscribed_new = '';407 // retain old subscriptions408 if ($row->subscribed != '') {409 $subscribed_new = $row->subscribed . ',';410 }411 // add subscription for this user412 $subscribed_new .= $_SESSION['memberid'];413 // write back to database414 $q = $C->prepare('UPDATE ' . $SETTINGS['dbtableprefix'] . 'topics SET subscribed=:subs WHERE topicid=:id');415 $q->bindParam(':subs', $subscribed_new, PDO::PARAM_STR);416 $q->bindParam(':id', $reply, PDO::PARAM_INT,12);417 $q->execute();418 } elseif ($subscribe == '0' && $found === 1) {419 // remove subscription420 $subscribed_new = str_replace($_SESSION['memberid'], '', $row->subscribed);421 $subscribed_new = str_replace(',,', ',', $subscribed_new);422 // write back423 $q = $C->prepare('UPDATE ' . $SETTINGS['dbtableprefix'] . 'topics SET subscribed=:subs WHERE topicid=:id');424 $q->bindParam(':subs', $subscribed_new, PDO::PARAM_STR);425 $q->bindParam(':id', $reply, PDO::PARAM_INT,12);426 $q->execute();427 }428 */429 399 // get last page of topic 430 400 $q = $C->prepare('SELECT COUNT(postid) FROM ' . $SETTINGS['dbtableprefix'] . 
'posts WHERE topic=:id'); … … 432 402 $q->execute(); 433 403 $row = $q->fetchColumn(); 404 $q->closeCursor(); 434 405 // calculate page 435 406 $page = ceil($row / $SETTINGS['postsperpage']); … … 439 410 $q->execute(); 440 411 $row = $q->fetchObject(); 412 $q->closeCursor(); 441 413 $subscribed = explode(',', $row->subscribed); 442 414 foreach ($subscribed as $subscriber) { … … 448 420 if ($s) { 449 421 $row2 = $q2->fetchObject(); 422 $q2->closeCursor(); 450 423 // use receipient's language 451 424 if ($row2->lang != '') { … … 461 434 // back to user's language 462 435 include('includes/lang/' . $_SESSION['lang'] . '.php'); 436 } else { 437 $q2->closeCursor(); 463 438 } 464 439 } trunk/classes/pages/Category.php
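Review bot: In trunk/classes/misc/Post.php the new topic id is still read back with `SELECT MAX(topicid)` (new lines 353-356), which returns this request's row only if no other insert can land in between. The table lock that would guarantee that is not visible in this hunk, and the nearby `UNLOCK TABLE` calls run under `@`, so a failed lock would go unnoticed. If the id column is auto-increment, `$reply = $C->lastInsertId();` right after the INSERT's `execute()` removes both the race and the extra query. The same pattern appears in trunk/classes/pages/Register.php (`SELECT MAX(memberid)`, new lines 112-115). There the id feeds the "set actual password" step and the groupmemberships insert, so a wrong id would modify another member's account.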
r13 r17 79 79 $q3->execute(); 80 80 $row3 = $q3->fetchObject(); 81 $q3->closeCursor(); 81 82 // number of posts 82 83 $q4 = $C->prepare('SELECT COUNT(postid) AS posts FROM ' . $SETTINGS['dbtableprefix'] . 'posts WHERE topic IN (SELECT topicid FROM ' . $SETTINGS['dbtableprefix'] . 'topics WHERE forum=:forum)'); … … 84 85 $q4->execute(); 85 86 $row4 = $q4->fetchObject(); 87 $q4->closeCursor(); 86 88 // last activity 87 89 $q5 = $C->prepare('SELECT t.topicid AS topicid,t.topictitle AS topictitle, p.posttime AS posttime, p.poster AS poster, p.postedbymember AS postedbymember FROM ' . $SETTINGS['dbtableprefix'] . 'posts p, ' . $SETTINGS['dbtableprefix'] . 'topics t WHERE t.forum=:forum AND p.topic=t.topicid ORDER BY p.posttime DESC LIMIT 0,1'); … … 89 91 $q5->execute(); 90 92 $row5 = $q5->fetchObject(); 93 $q5->closeCursor(); 91 94 // get poster information 92 95 $_poster = new Member($row5->poster, $row5->postedbymember); … … 141 144 $s = $q->execute(); 142 145 if ($s && $r = $q->fetchObject()) { 146 $q->closeCursor(); 143 147 return $r->category_name; 144 148 } else { 149 $q->closeCursor(); 145 150 return ''; 146 151 } trunk/classes/pages/Delete.php
r1 r17 40 40 $q3->execute(); 41 41 $row3 = $q3->fetchObject(); 42 $q3->closeCursor(); 42 43 $q = $C->prepare('SELECT topictitle, forum FROM ' . $SETTINGS['dbtableprefix'] . 'topics WHERE topicid=:id'); 43 44 $q->bindParam(':id', $row3->topic, PDO::PARAM_INT, 12); 44 45 $q->execute(); 45 46 $row = $q->fetchObject(); 47 $q->closeCursor(); 46 48 $q2 = $C->prepare('SELECT forumtitle, forum_category FROM ' . $SETTINGS['dbtableprefix'] . 'forums WHERE forumid=:forum'); 47 49 $q2->bindParam(':forum', $row->forum, PDO::PARAM_INT, 12); 48 50 $q2->execute(); 49 51 $row2 = $q2->fetchObject(); 52 $q2->closeCursor(); 50 53 $this->title = ' - ' . Category::getName($row2->forum_category) . ' - ' . $row2->forumtitle . ' - ' . $row->topictitle . ' - ' . $LANG['Delete_Post']; 51 54 $this->location = ' - <a href="' . $F->link('category') . 'id=' . $row2->forum_category . '">' . Category::getName($row2->forum_category) . '</a> - <a href="' . $F->link('forum') . 'id=' . $row->forum . '">' . $row2->forumtitle . '</a> - <a href="' . $F->link('topic') . 'id=' . $row3->topic . '">' . $row->topictitle . '</a> - <a href="' . $F->link('delete') . 'id=' . $id . '">' . $LANG['Delete_Post'] . '</a>'; … … 63 66 $q->execute(); 64 67 $_posts = $q->fetchColumn(); 68 $q->closeCursor(); 65 69 if ($_posts >= 2) { 66 70 // purge post from database trunk/classes/pages/Edit.php
r1 r17 40 40 $q3->execute(); 41 41 $row3 = $q3->fetchObject(); 42 $q3->closeCursor(); 42 43 $q = $C->prepare('SELECT topictitle, forum FROM ' . $SETTINGS['dbtableprefix'] . 'topics WHERE topicid=:id'); 43 44 $q->bindParam(':id', $row3->topic, PDO::PARAM_INT, 12); 44 45 $q->execute(); 45 46 $row = $q->fetchObject(); 47 $q->closeCursor(); 46 48 $q2 = $C->prepare('SELECT forumtitle, forum_category FROM ' . $SETTINGS['dbtableprefix'] . 'forums WHERE forumid=:forum'); 47 49 $q2->bindParam(':forum', $row->forum, PDO::PARAM_INT, 12); 48 50 $q2->execute(); 49 51 $row2 = $q2->fetchObject(); 52 $q2->closeCursor(); 50 53 $this->title = ' - ' . Category::getName($row2->forum_category) . ' - ' . $row2->forumtitle . ' - ' . $row->topictitle . ' - ' . $LANG['Edit_Post']; 51 54 $this->location = ' - <a href="' . $F->link('category') . 'id=' . $row2->forum_category . '">' . Category::getName($row2->forum_category) . '</a> - <a href="' . $F->link('forum') . 'id=' . $row->forum . '">' . $row2->forumtitle . '</a> - <a href="' . $F->link('topic') . 'id=' . $row3->topic . '">' . $row->topictitle . '</a> - <a href="' . $F->link('delete') . 'id=' . $id . '">' . $LANG['Edit_Post'] . '</a>'; … … 76 79 $q->execute(); 77 80 $_count = $q->fetchColumn(); 81 $q->closeCursor(); 78 82 $_page = ceil($_count / $SETTINGS['postsperpage']); 79 83 // form trunk/classes/pages/Forum.php
r1 r17 38 38 $q->execute(); 39 39 $row = $q->fetchObject(); 40 $q->closeCursor(); 40 41 $this->title = ' - ' . Category::getName($row->forum_category) . ' - ' . $row->forumtitle; 41 42 $this->location = ' - <a href="' . $F->link('category') . 'id=' . $row->forum_category . '">' . Category::getName($row->forum_category) . '</a> - <a href="' . $F->link('forum') . 'id=' . $id . '">' . $row->forumtitle . '</a>'; … … 51 52 $q->execute(); 52 53 $row = $q->fetchObject(); 54 $q->closeCursor(); 53 55 // new topic and poll buttons 54 56 $postbuttons = new Postbuttons(TRUE, $row->forumid); … … 59 61 $q2->execute(); 60 62 $row2 = $q2->fetchObject(); 63 $q2->closeCursor(); 61 64 // calculate start for this page 62 65 if (!isset($page) || $page == '') { $page = 1; } … … 95 98 $q3->execute(); 96 99 $row3 = $q3->fetchObject(); 100 $q3->closeCursor(); 97 101 // get last post 98 102 $q4 = $C->prepare('SELECT poster, postedbymember, posttime FROM ' . $SETTINGS['dbtableprefix'] . 'posts WHERE topic=:topicid ORDER BY posttime DESC LIMIT 0,1'); … … 100 104 $q4->execute(); 101 105 $row4 = $q4->fetchObject(); 106 $q4->closeCursor(); 102 107 // get first and last poster information 103 108 $_poster1 = new Member($row3->poster, $row3->postedbymember); … … 125 130 $_mark .= ' &omicron;'; 126 131 } 132 $q->closeCursor(); 127 133 } 128 134 // add all the previously compiled topic information to table trunk/classes/pages/Lostpassword.php
r1 r17 51 51 if ($s && $row = $q->fetchObject()) { 52 52 // member found -> generate random password 53 $q->closeCursor(); 53 54 $p = new Password(); 54 55 $p->generate(12); … … 58 59 @mail($email, $SETTINGS['forumname'] . ' - ' . $LANG['Lost_Password'], str_replace(Array('%membername%', '%password%'), Array($row->membername, $p->get()), $LANG['lost_password_mail']), 'From: ' . $SETTINGS['forumadminemail']); 59 60 } else { 61 $q->closeCursor(); 60 62 $this->html->body->addChild('div', $LANG['error_unknown_mail_address']); 61 63 } trunk/classes/pages/Mail.php
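Review bot: In trunk/classes/pages/Lostpassword.php the else branch at new lines 60-62 answers an unknown address with `$LANG['error_unknown_mail_address']`, which lets anyone test whether an e-mail address belongs to an account. Returning the same neutral message in both branches closes that. The success branch also sends the generated password through `@mail(...)`, so a delivery failure is silent. If the elided lines before the `@mail` call have already stored the new password (not visible here), the member is left locked out. Checking the return value of `mail()` before committing the new password would cover that case.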
r1 r17 51 51 $q->execute(); 52 52 $row = $q->fetchObject(); 53 $q->closeCursor(); 53 54 // get receipient information 54 55 $q = $C->prepare('SELECT memberemail, membername, memberemailhidden, lang FROM ' . $SETTINGS['dbtableprefix'] . 'members WHERE memberid=:id'); … … 56 57 $q->execute(); 57 58 $row2 = $q->fetchObject(); 59 $q->closeCursor(); 58 60 // mandatory fields 59 61 if (isset($subject) && $subject != '' && isset($post) && $post != '') { trunk/classes/pages/Members.php
r1 r17 80 80 $q2 = $C->query('SELECT COUNT(memberid) FROM ' . $SETTINGS['dbtableprefix'] . 'members'); 81 81 $membercount = $q2->fetchColumn(); 82 $q2->closeCursor(); 82 83 // build page navigation 83 84 $pages = new Pagination($SETTINGS['topicsperpage'], $page, $membercount); … … 105 106 $q3->execute(); 106 107 $_postercount = $q3->fetchColumn(); 108 $q3->closeCursor(); 107 109 $_nonpostercount = $membercount - $_postercount; 108 110 // define start and length of database query trunk/classes/pages/Messenger.php
r1 r17 78 78 $q->execute(); 79 79 if ($_id = $q->fetchColumn()) { 80 $q->closeCursor(); 80 81 // append new id 81 82 $q = $C->prepare('SELECT addressbook FROM ' . $SETTINGS['dbtableprefix'] . 'members WHERE memberid=:id'); … … 83 84 $q->execute(); 84 85 $addresses = $q->fetchColumn(); 86 $q->closeCursor(); 85 87 $addresses .= "\n" . $_id; 86 88 // write back to database … … 91 93 $div->addChild('span', $LANG['address_added']); 92 94 } else { 95 $q->closeCursor(); 93 96 $div->addChild('span', $LANG['error_unknown_username']); 94 97 } … … 102 105 $q->execute(); 103 106 $_addr = $q->fetchColumn(); 107 $q->closeCursor(); 104 108 $addresses = str_replace($id . "\n", '', $_addr); 105 109 // write back … … 124 128 $q->execute(); 125 129 $_addr = $q->fetchColumn(); 130 $q->closeCursor(); 126 131 if ($_addr != '') { 127 132 $addresses = split("\n", trim($_addr)); … … 169 174 $_done = 0; 170 175 if ($row = $q->fetchObject()) { 176 $q->closeCursor(); 171 177 // check if it's the sender or receipient 172 178 if ($row->messagesender === $_SESSION['memberid']) { … … 193 199 } 194 200 } else { 201 $q->closeCursor(); 195 202 $div->addChild('span', $LANG['error_id']); 196 203 } … … 221 228 $q->execute(); 222 229 $_status = $q->fetchColumn(); 230 $q->closeCursor(); 223 231 if ($_status == 'Banned') { 224 232 $ok = -1; … … 233 241 $q->execute(); 234 242 if ($row = $q->fetchObject()) { 243 $q->closeCursor(); 235 244 // format message 236 245 $title = $F->htmlentities(trim($subject)); … … 254 263 $q->execute(); 255 264 $_new_id = $q->fetchColumn(); 265 $q->closeCursor(); 256 266 // unlock table 257 267 @$C->query('UNLOCK TABLE ' . $SETTINGS['dbtableprefix'] . 
'messages'); … … 269 279 $div->addChild('span', str_replace('%to%', $to, $LANG['message_sent'])); 270 280 } else { 281 $q->closeCursor(); 271 282 $_error = $LANG['error_unknown_receipient']; 272 283 } … … 296 307 if ($q->execute()) { 297 308 $row = $q->fetchObject(); 309 $q->closeCursor(); 298 310 $_rec = $row->messagesender; 299 311 $title = $row->messagetitle; … … 303 315 } 304 316 $quotetext = '[quote]' . $row->message . "[/quote]\n"; 317 } else { 318 $q->closeCursor(); 305 319 } 306 320 } else { … … 331 345 } 332 346 $div->addElement($_table->get()); 333 } else { $div->addChild('div', $LANG['error_unknown']); } 347 } else { 348 $q->closeCursor(); 349 $div->addChild('div', $LANG['error_unknown']); 350 } 334 351 } else { 335 352 // not allowed -> log in … … 346 363 if ($q->execute()) { 347 364 $row = $q->fetchObject(); 365 $q->closeCursor(); 348 366 $_sender = new Member($row->messagesender); 349 367 $_table = new Table('messagetable'); … … 362 380 $q->execute(); 363 381 } 364 } else { $div->addChild('div', $LANG['error_unknown']); } 382 } else { 383 $q->closeCursor(); 384 $div->addChild('div', $LANG['error_unknown']); 385 } 365 386 } else { 366 387 // not allowed -> log in trunk/classes/pages/Moderate.php
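Review bot: In trunk/classes/pages/Messenger.php the branches at new lines 307-310 and 363-366 test only `$q->execute()` and then dereference `$row->messagesender` straight after `fetchObject()`. A successful execute does not mean a row came back: for an id that matches no message, `fetchObject()` returns `FALSE` and the code carries on with empty values instead of reaching the `error_unknown` branch. Use `if ($q->execute() && $row = $q->fetchObject())`, in line with the fetch checks at new lines 175 and 242. Whether these queries also restrict the message to the logged-in member cannot be seen from the hunks, and is worth confirming because the id presumably comes from the request.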
r1 r17 41 41 $q->execute(); 42 42 $row = $q->fetchObject(); 43 $q->closeCursor(); 43 44 $q2 = $C->prepare('SELECT forumtitle, forum_category FROM ' . $SETTINGS['dbtableprefix'] . 'forums WHERE forumid=:forum'); 44 45 $q2->bindParam(':forum', $row->forum, PDO::PARAM_INT, 12); 45 46 $q2->execute(); 46 47 $row2 = $q2->fetchObject(); 48 $q2->closeCursor(); 47 49 $this->title = ' - ' . Category::getName($row2->forum_category) . ' - ' . $row2->forumtitle . ' - ' . $row->topictitle . ' - ' . $LANG['Moderate']; 48 50 $this->location = ' - <a href="' . $F->link('category') . 'id=' . $row2->forum_category . '">' . Category::getName($row2->forum_category) . '</a> - <a href="' . $F->link('forum') . 'id=' . $row->forum . '">' . $row2->forumtitle . '</a> - <a href="' . $F->link('topic') . 'id=' . $id . '">' . $row->topictitle . '</a> - <a href="' . $F->link('moderate') . '">' . $LANG['Moderate'] . '</a>'; … … 336 338 $q->execute(); 337 339 $_postcount = $q->fetchColumn(); 340 $q->closeCursor(); 338 341 // clean array of posts so that just the ones which should be moved remain 339 342 $move = array_values($_POST['move']); … … 345 348 $q->execute(); 346 349 $_forum = $q->fetchColumn(); 350 $q->closeCursor(); 347 351 // lock table 348 352 @$C->query('LOCK TABLES ' . $SETTINGS['dbtableprefix'] . 'topics WRITE'); … … 357 361 $q->execute(); 358 362 $_new_id = $q->fetchColumn(); 363 $q->closeCursor(); 359 364 @$C->query('UNLOCK TABLES'); 360 365 // put chosen posts into new topic … … 373 378 $q2->bindParam(':id', $id, PDO::PARAM_INT, 12); 374 379 $_poll_id = $q->fetchColumn(); 380 $q2->closeCursor(); 375 381 // write to new topic 376 382 $q2 = $C->prepare('UPDATE ' . $SETTINGS['dbtableprefix'] . 'topics SET poll=:poll WHERE topicid=:id'); … … 412 418 $q->execute(); 413 419 $poll = $q->fetchColumn(); 420 $q->closeCursor(); 414 421 if ($poll > 0) { 415 422 $_form->addRawTableRow(Array($LANG['Poll'] . ':', '<td><input type="radio" name="poll" value="0" checked="checked" />' . 
$LANG['old'] . ' <input type="radio" name="poll" value="1" />' . $LANG['new'] . '</td>')); trunk/classes/pages/Newpoll.php
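Review bot: In trunk/classes/pages/Moderate.php, new lines 378-380 bind `:id` on `$q2`, then read `$_poll_id = $q->fetchColumn();` from `$q`, and the added line closes `$q2`. No `$q2->execute()` is visible between the bind and the fetch, and as far as the hunk shows `$q` was last closed at new line 363, so `$_poll_id` is probably `FALSE` rather than the topic's poll id. The likely intent is `$q2->execute(); $_poll_id = $q2->fetchColumn(); $q2->closeCursor();`. The `prepare()` for `$q2` lies outside the hunk, so confirm against the full file.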
r1 r17 40 40 $q2->execute(); 41 41 $row2 = $q2->fetchObject(); 42 $q2->closeCursor(); 42 43 $this->title = ' - ' . Category::getName($row2->forum_category) . ' - ' . $row2->forumtitle . ' - ' . $LANG['New_Topic']; 43 44 $this->location = ' - <a href="' . $F->link('category') . 'id=' . $row2->forum_category . '">' . Category::getName($row2->forum_category) . '</a> - <a href="' . $F->link('forum') . 'id=' . $id . '">' . $row2->forumtitle . '</a> - <a href="' . $F->link('newpoll') . 'id=' . $id . '">' . $LANG['New_Poll'] . '</a>'; trunk/classes/pages/Newtopic.php
r8 r17 40 40 $q2->execute(); 41 41 $row2 = $q2->fetchObject(); 42 $q2->closeCursor(); 42 43 $this->title = ' - ' . Category::getName($row2->forum_category) . ' - ' . $row2->forumtitle . ' - ' . $LANG['New_Topic']; 43 44 $this->location = ' - <a href="' . $F->link('category') . 'id=' . $row2->forum_category . '">' . Category::getName($row2->forum_category) . '</a> - <a href="' . $F->link('forum') . 'id=' . $id . '">' . $row2->forumtitle . '</a> - <a href="' . $F->link('newtopic') . 'id=' . $id . '">' . $LANG['New_Topic'] . '</a>'; trunk/classes/pages/Page.php
r9 r17 235 235 $q = $C->query('SELECT COUNT(onlinememberid) FROM ' . $SETTINGS['dbtableprefix'] . 'online'); 236 236 if ($q->fetchColumn() > 0) { 237 $q->closeCursor(); 237 238 $q = $C->query('SELECT onlinememberid FROM ' . $SETTINGS['dbtableprefix'] . 'online'); 238 239 // count number of members and guests … … 259 260 } else { 260 261 // if the online table is empty 262 $q->closeCursor(); 261 263 $_str = '1 ' . $LANG['Guest']; 262 264 } … … 300 302 $q = $C->query('SELECT COUNT(memberid) AS count FROM ' . $SETTINGS['dbtableprefix'] . 'members'); 301 303 $row = $q->fetchObject(); 304 $q->closeCursor(); 302 305 $_str .= ' ' . $row->count . ' ' . $LANG['members'] . '.</div><div>' . $LANG['The_newest_member_is'] . ' '; 303 306 $q = $C->query('SELECT memberid, membername FROM ' . $SETTINGS['dbtableprefix'] . 'members ORDER BY registered DESC LIMIT 1'); 304 307 $row = $q->fetchObject(); 308 $q->closeCursor(); 305 309 $_str .= '<a href="' . $F->link('profile') . 'id=' . $row->memberid . '">' . $row->membername . '</a>.</div><div>' . $LANG['There_are'] . ' '; 306 310 $q = $C->query('SELECT COUNT(postid) AS count FROM ' . $SETTINGS['dbtableprefix'] . 'posts'); 307 311 $row = $q->fetchObject(); 312 $q->closeCursor(); 308 313 $_str .= $row->count . ' ' . $LANG['posts'] . ' ' . $LANG['in'] . ' '; 309 314 $q = $C->query('SELECT COUNT(topicid) AS count FROM ' . $SETTINGS['dbtableprefix'] . 'topics'); 310 315 $row = $q->fetchObject(); 316 $q->closeCursor(); 311 317 $_str .= $row->count . ' ' . $LANG['threads'] . '.</div>'; 312 318 // put into table … … 326 332 $q->execute(); 327 333 $_admin = $q->fetchColumn(); 334 $q->closeCursor(); 328 335 } 329 336 // debugging output … … 349 356 $q->execute(); 350 357 if ($q->fetchColumn() >= 1) { 358 $q->closeCursor(); 351 359 // get the oldest one 352 360 $q = $C->prepare('SELECT * FROM ' . $SETTINGS['dbtableprefix'] . 
'mails ORDER BY id ASC LIMIT 0,1'); 353 361 $q->execute(); 354 362 $row = $q->fetchObject(); 363 $q->closeCursor(); 355 364 // send it 356 365 @mail($row->receipient, $row->subject, $row->body, 'From: '.$SETTINGS['forumadminemail']); … … 359 368 $q->bindParam(':id', $row->id, PDO::PARAM_INT, 12); 360 369 $q->execute(); 370 } else { 371 $q->closeCursor(); 361 372 } 362 373 // private message notification … … 367 378 $q->execute(); 368 379 $_flag = $q->fetchColumn(); 380 $q->closeCursor(); 369 381 if ($_flag == 1) { 370 382 // check if there are message which the user hasn't been notified of yet … … 374 386 $q->execute(); 375 387 if ($row = $q->fetchObject()) { 388 $q->closeCursor(); 376 389 // set 'notified' flag so that user isn't nagged on every page load 377 390 $q2 = $C->prepare('UPDATE '.$SETTINGS['dbtableprefix'].'messages SET messagereceipientflag=:two WHERE messageid=:id'); … … 390 403 // add notification script 391 404 $this->html->body->addChild('script', "if (confirm('" . str_replace("%count%", $count, $LANG['x_unread_messages']) . "')) { window.location.href = '" . $F->link("messenger") . "action=inbox' }"); 405 } else { 406 $q->closeCursor(); 392 407 } 393 408 } trunk/classes/pages/Register.php
r11 r17 79 79 $ok = 0; 80 80 } 81 $q->closeCursor(); 81 82 // if this has been set to be prevented, check if e-mail address already belongs to an account 82 83 if ($SETTINGS['severalaccountspermail'] == 0) { … … 89 90 $ok = 0; 90 91 } 92 $q->closeCursor(); 91 93 } 92 94 // only proceed if all checks were successful … … 108 110 $q->bindParam(':member', $_member, PDO::PARAM_STR, 6); 109 111 $q->execute(); 110 $q = $C->query('SELECT MAX(memberid) AS id FROM ' . $SETTINGS['dbtableprefix'] . 'members'); 112 $q = $C->prepare('SELECT MAX(memberid) AS id FROM ' . $SETTINGS['dbtableprefix'] . 'members'); 113 $q->execute(); 111 114 $row = $q->fetchObject(); 115 $q->closeCursor(); 112 116 @$C->query('UNLOCK TABLE ' . $SETTINGS['dbtableprefix'] . 'members'); 113 117 // set actual password … … 118 122 $q->execute(); 119 123 $row2 = $q->fetchObject(); 124 $q->closeCursor(); 120 125 $q = $C->prepare('INSERT INTO ' . $SETTINGS['dbtableprefix'] . 'groupmemberships (member, usergroup) VALUES (:member, :group)'); 121 126 $q->bindParam(':member', $row->id, PDO::PARAM_INT, 12); trunk/classes/pages/Reply.php
r9 r17 40 40 $q->execute(); 41 41 $row = $q->fetchObject(); 42 $q->closeCursor(); 42 43 $q2 = $C->prepare('SELECT forumtitle, forum_category FROM ' . $SETTINGS['dbtableprefix'] . 'forums WHERE forumid=:forum'); 43 44 $q2->bindParam(':forum', $row->forum, PDO::PARAM_INT, 12); 44 45 $q2->execute(); 45 46 $row2 = $q2->fetchObject(); 47 $q2->closeCursor(); 46 48 $this->title = ' - ' . Category::getName($row2->forum_category) . ' - ' . $row2->forumtitle . ' - ' . $row->topictitle . ' - ' . $LANG['Reply']; 47 49 $this->location = ' - <a href="' . $F->link('category') . 'id=' . $row2->forum_category . '">' . Category::getName($row2->forum_category) . '</a> - <a href="' . $F->link('forum') . 'id=' . $row->forum . '">' . $row2->forumtitle . '</a> - <a href="' . $F->link('topic') . 'id=' . $id . '">' . $row->topictitle . '</a> - <a href="' . $F->link('reply') . 'id=' . $id . '">' . $LANG['Reply'] . '</a>'; … … 66 68 $q->execute(); 67 69 $row4 = $q->fetchObject(); 70 $q->closeCursor(); 68 71 $_quote_text = '[quote]' . $F->htmlentities($row4->post, TRUE) . '[/quote]'; 69 72 } … … 79 82 $subscribed = TRUE; 80 83 } 84 $q->closeCursor(); 81 85 } 82 86 // form trunk/classes/pages/Search.php
r1 r17 124 124 $q->execute(); 125 125 $_username = $q->fetchColumn(); 126 $q->closeCursor(); 126 127 $query = 'SELECT p.postid, p.topic, p.poster, p.posttime, p.post, t.topictitle FROM ' . $SETTINGS['dbtableprefix'] . 'posts p, ' . $SETTINGS['dbtableprefix'] . 'topics t WHERE t.topicid=p.topic AND p.poster=:username AND p.postedbymember=1 %cond% ORDER BY p.posttime DESC'; 127 128 break; … … 169 170 $q->execute(); 170 171 $_num_results = $q->fetchColumn(0); 172 $q->closeCursor(); 171 173 // build page navigation 172 174 $pages = new Pagination($SETTINGS['postsperpage'], $page, $_num_results); … … 211 213 } else { 212 214 // errors occured -> message 215 $q->closeCursor(); 213 216 $this->html->body->addChild('div', $_error); 214 217 } trunk/classes/pages/Topic.php
r1 r17 38 38 $q->execute(); 39 39 $row = $q->fetchObject(); 40 $q->closeCursor(); 40 41 } 41 42 // define title and location … … 45 46 $q2->execute(); 46 47 $row2 = $q2->fetchObject(); 48 $q2->closeCursor(); 47 49 $this->title = ' - ' . Category::getName($row2->forum_category) . ' - ' . $row2->forumtitle . ' - ' . $row->topictitle; 48 50 $this->location = ' - <a href="' . $F->link('category') . 'id=' . $row2->forum_category . '">' . Category::getName($row2->forum_category) . '</a> - <a href="' . $F->link('forum') . 'id=' . $row->forum . '">' . $row2->forumtitle . '</a> - <a href="' . $F->link('topic') . 'id=' . $id . '">' . $row->topictitle . '</a>'; … … 59 61 $q->execute(); 60 62 $row = $q->fetchObject(); 63 $q->closeCursor(); 61 64 // update views 62 65 $_newviews = $row->topic_views + 1; … … 73 76 $q2->execute(); 74 77 $row2 = $q2->fetchObject(); 78 $q2->closeCursor(); 75 79 // calculate start for this page 76 80 if (!isset($page) || $page == '') { $page = 1; } … … 93 97 $q2->execute(); 94 98 $row2 = $q2->fetchObject(); 99 $q2->closeCursor(); 95 100 // check if logged in member already voted 96 101 $pollvoters = split("\n", $row2->pollvoters); … … 230 235 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 231 236 if ($q->execute()) { 232 return $q->fetchColumn(); 237 $_title = $q->fetchColumn(); 238 $q->closeCursor(); 239 return $_title; 233 240 } else { 234 241 return FALSE; trunk/classes/pages/Userpanel.php
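Review bot: In Topic.php the view counter is computed in PHP, `$_newviews = $row->topic_views + 1;`, from a row read by an earlier SELECT, so two requests arriving together can both write the same value and a view is lost. Letting the database do the increment closes that read-modify-write gap, e.g. `SET topic_views = topic_views + 1` in the UPDATE, which is outside the hunk (column name inferred from the row property). It also removes the dependency on `$row` being a valid object at that point, since `fetchObject()` returns false when no topic matches `$id`.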
r9 r17 57 57 $s = $q->execute(); 58 58 if ($s && $row = $q->fetchObject()) { 59 $q->closeCursor(); 59 60 // if member has been found 60 61 // check if old password is correct … … 71 72 $q2->execute(); 72 73 $row2 = $q2->fetchObject(); 74 $q2->closeCursor(); 73 75 // encrypt user name and password 74 76 $e = new Encryption(); … … 94 96 } else { 95 97 // member not found by id 98 $q->closeCursor(); 96 99 $div = $this->html->body->addChild('div', $LANG['error_id']); 97 100 $div->addAttribute('class', 'message'); … … 114 117 if ($s && $row = $q->fetchObject()) { 115 118 // if member has been found 119 $q->closeCursor(); 116 120 // check if old password is correct 117 121 if (Member::authenticate($row->membername, $password)) { … … 130 134 } else { 131 135 // member not found by id 136 $q->closeCursor(); 132 137 $div = $this->html->body->addChild('div', $LANG['error_id']); 133 138 $div->addAttribute('class', 'message'); … … 182 187 $s = $q->execute(); 183 188 if ($s && $row = $q->fetchObject()) { 189 $q->closeCursor(); 184 190 if ($user != $row->membername) { 185 191 // update membername … … 224 230 // success 225 231 $output = $LANG['profile_updated']; 226 } else { $output = $LANG['error_id']; } 232 } else { 233 $q->closeCursor(); 234 $output = $LANG['error_id']; 235 } 227 236 } else { $output = $LANG['error_mandatory']; } 228 237 $div = $this->html->body->addChild('div', $output); … … 280 289 $q->bindParam(':id', $key, PDO::PARAM_INT, 12); 281 290 if ($q->execute() && $q->fetchColumn() == 1) { 291 $q->closeCursor(); 282 292 // it is a public group, so go ahead and insert 283 293 $q2 = $C->prepare('INSERT INTO ' . $SETTINGS['dbtableprefix'] . 
'groupmemberships (member, usergroup) VALUES (:member, :group)'); … … 285 295 $q2->bindParam(':group', $key, PDO::PARAM_INT, 12); 286 296 $q2->execute(); 297 } else { 298 $q->closeCursor(); 287 299 } 288 300 } … … 527 539 $q2->execute(); 528 540 $row2 = $q2->fetchObject(); 541 $q2->closeCursor(); 529 542 $form->addRawTableRow(Array($row2->topictitle . ' (' . $row2->forumtitle . ')', '<td><input type="checkbox" name="newsubscribed[' . $row->topic . ']" value="1" checked="checked" /></td>')); 530 543 } … … 541 554 $_col2 .= '<option value="' . $row['topicid'] . '">' . $row['topictitle'] . ' (' . $row['forumtitle'] . ')</option>'; 542 555 } 556 $q2->closeCursor(); 543 557 } 544 558 $_col2 .= '</select></td>'; … … 571 585 $_col2 .= ' checked="checked"'; 572 586 } 587 $q3->closeCursor(); 573 588 $_col2 .= ' /></td>'; 574 589 $form->addRawTableRow(Array('<td>' . $row['name'] . '</td>', $_col2)); trunk/includes/login.php
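Review bot: The pattern `if ($s && $row = $q->fetchObject()) { $q->closeCursor(); … } else { $q->closeCursor(); … }` in Userpanel.php repeats the cleanup in every branch, and any branch added later has to remember it. Fetching first and closing once reads more simply: `$row = $s ? $q->fetchObject() : FALSE;`, then `$q->closeCursor();`, then `if ($row) {`. The same duplicated form is used in includes/session.php and redirectors/pollvote.php. The enclosing methods continue outside the hunks.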
r3 r17 28 28 $q->execute(); 29 29 $row = $q->fetchObject(); 30 $q->closeCursor(); 30 31 // delete old session entry in the online table 31 32 $q = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'online WHERE onlinesession=:session'); trunk/includes/session.php
r6 r17 121 121 $s = $q->execute(); 122 122 if ($s && $q->fetchColumn() >= 1) { 123 $q->closeCursor(); 123 124 // update existing entry with new timestamp 124 125 $q = $C->prepare('UPDATE ' . $SETTINGS['dbtableprefix'] . 'online SET onlinetime=:time WHERE onlinesession=:session'); … … 127 128 $q->execute(); 128 129 } else { 130 $q->closeCursor(); 129 131 // check if returning user who has saved credentials in cookie 130 132 if ($_COOKIE['sb_user'] != '') { … … 144 146 if ($s && $row2 = $q2->fetchObject()) { 145 147 // automatic login successful 148 $q2->closeCursor(); 146 149 // regenerate ID in order to ensure privileged session hasn't been fixed in advance 147 150 session_regenerate_id(); … … 203 206 $s = $q2->execute(); 204 207 if ($s && $row2 = $q2->fetchObject()) { 208 $q2->closeCursor(); 205 209 // delete all but the newest one 206 210 $q = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'online WHERE onlinememberid=:memberid AND onlinetime<:time'); … … 208 212 $q->bindParam(':time', $row2->onlinetime, PDO::PARAM_INT, 12); 209 213 $q->execute(); 214 } else { 215 $q2->closeCursor(); 210 216 } 211 217 } trunk/redirectors/pollvote.php
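Review bot: `session_regenerate_id();` after a successful cookie login in session.php is called without its argument, so PHP keeps the old session record on the server under the previous ID. Since the comment says the call is there to make sure the session was not fixed in advance, `session_regenerate_id(TRUE);` would also discard the old record; whether that record ever holds login state depends on code outside the hunk. The check `$_COOKIE['sb_user'] != ''` just above also reads the key without `isset()`, which raises a notice for visitors who do not have the cookie.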
r8 r17 62 62 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 63 63 $s = $q->execute(); 64 $row_q = $q->fetchAll(); 65 $q->closeCursor(); 64 66 $q2 = $C->prepare('SELECT * FROM ' . $SETTINGS['dbtableprefix'] . 'polls WHERE pollid=:id'); 65 67 $q2->bindParam(':id', $id, PDO::PARAM_INT, 12); 66 68 $s2 = $q2->execute(); 67 69 if ($s && $s2) { 68 $row_title = $ q->fetchColumn();70 $row_title = $row_q[0]['topictitle']; 69 71 $row = $q2->fetchObject(); 72 $q2->closeCursor(); 70 73 // heading 71 74 $html->body->addChild('h2', $row_title); … … 103 106 $a->addAttribute('href', 'javascript:self.close()'); 104 107 } else { 108 $q2->closeCursor(); 105 109 $div = $html->body->addChild('div', $LANG['error_id']); 106 110 $div->addAttribute('class', 'message'); … … 120 124 if ($q->execute()) { 121 125 $row = $q->fetchObject(); 126 $q->closeCursor(); 122 127 // check if logged in member already voted 123 128 $pollvoters = split("\n", $row->pollvoters); … … 157 162 } else { 158 163 // call error 164 $q->closeCursor(); 159 165 $div = $html->body->addChild('div', $LANG['error_id']); 160 166 $div->addAttribute('class', 'message'); trunk/redirectors/preview.php
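Review bot: `$row_title = $row_q[0]['topictitle'];` in pollvote.php indexes the `fetchAll()` result without checking that a row came back, so an `id` that matches no topic gives an undefined-offset notice and an empty heading instead of the `error_id` message. `fetchAll()` is also called before `$s` is tested. Adding the row to the condition, `if ($s && $s2 && isset($row_q[0])) {`, routes that case to the existing error branch; `$row = $q2->fetchObject();` on the next line can be false in the same way. Alternatively keep `fetchColumn()` and close the cursor right after it, as Search.php does in this changeset.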
r8 r17 72 72 $row->postedbymember = 0; 73 73 } 74 $q->closeCursor(); 74 75 } else { 75 76 // logged in trunk/redirectors/showip.php
r8 r17 60 60 $q->execute(); 61 61 $_ip = $q->fetchColumn(); 62 $q->closeCursor(); 62 63 // output 63 64 $html->body->addChild('h2', $LANG['IP']);
